How to use CF client with user token E2E

Question

I want to use the go-cfclient library to connect to Cloud Foundry and check for application services etc.

I was able to connect with Java/Node/Go while using my user password explicit in the code.

Now I want to simulate a scenario using a token, i.e. instead of using my password, use my user token to simulate the connection.

How can I achieve this kind of simulation?

Preferred in go-cfclient or Node.

Update

I need an E2E real-life example with a CF token where the user uses some sample UI and maybe provides some credentials the first time, but all subsequent requests should work with the CF token only.

I need this example in Golang.

Answer 1

I would always prefer writing a Wrapper-Script using Powershell or in Bash scripting Language

Your CF-CLI leaves all the login information under ~\.cf\config.json and reading this using script language is very easy and not demands high programming effort.

In my case, I used this to switch between different foundations. My Powershell script would execute with this command ./cfwrapper switch

Function SwitchFoundation () {

    Write-Host 'Which Foundation You would like to Switch ??'`n
    $foundationNumber = FoundationPrompt
    $foundationIndex = $foundationNumber-1
    $foundations = $foundationsJsonSettings
    $foundation = $foundations[$foundationIndex]


    if ($foundation -ne $null) {
        if (Test-Path $configPath$foundationNumber) {
            Write-Host 'You are now getting Switched to another Foundation. Please wait for a moment'`n
            CopyConfig ($foundationNumber) ('reverse')
            cf target
        }else {
            Write-Host 'Your login to this Foundation is not found. Kindly do a Fresh login below'`n
            CFLoginSSOCommand ($foundationNumber) ($foundation.api_url)
        }

    } else {
        Write-Host 'Foundation Number is wrong. Please retry..'
    }


}

Function CFLoginSSOCommand ($foundationNumber,$apiUrl) {
    Write-Host 'Logout command will be executed blankly to flush out all your current Logins'
    cf logout
    cf login --sso -a $apiUrl
    CopyConfig($foundationNumber)


}

Function CopyConfig($foundationNumber, $flag) {
    Write-Host 'Copying Config Path'
    if ($flag -eq 'reverse') {
        Copy-Item -Path $configPath$foundationNumber -Destination $configPath
    }else {
        Copy-Item -Path $configPath -Destination $configPath$foundationNumber
    }

}

In short, CF-CLI has got all the necessary commands.. All that we require is to write a simple wrapper around it .

Answer 2

You can find a typical OAuth2 token handling sequence for CF from the link below. For using this token for the other API call, you can also refer to other test cases.

https://github.com/cloudfoundry-community/go-cfclient/blob/a0a191bdc19a7a7189c050444aeaf20d2a125875/client_test.go#L117

Anyway, it is an OAuth2 token which is expired after its expiration period. You cannot avoid login with user/pass if you do not refresh it within the expiration period.

UPDATED

You already said you can log in with username and password, so what you need to do is simply get token with API call for it. something like:

c := &Config{
    ApiAddress: myApiAddress,
    Username:   "foo",
    Password:   "bar",
}

client, err1 := NewClient(c)
if err1 != nil {
    // error handling for connection failure
}
// you already reach here. right?

token, err2 := client.GetToken()
if err2 != nil {
    // error handling for token retreive failure
}

// just do what you want with token

you can find what is happening under the hood by checking the source: https://github.com/cloudfoundry-community/go-cfclient/blob/a0a191bdc19a7a7189c050444aeaf20d2a125875/client.go#L375

for more information, jsut try to print out the client structure:

fmt.Printf("client: %v\n", client)

then I guess you can found more information.